Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Candidate would perform Network/Application and Web Application penetration testing. Also create custom scripts and perform automation while also perform security assessments on both Legacy on-prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Responsibilities : Application Security Testing Perform application penetration testing as part of a team. Perform retests of vulnerabilities to verify previous findings have been remediated. Review reports of the testing and conduct security risk assessment of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Setup Command & Control C2 Infrastructure. Understand vulnerabilities and develop relevant payloads for use during pen testing activities. Perform independent reviews of the applications. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts to integrate Security tools into the pipeline and assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Perform other duties as assigned. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing and more. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Nice to have - Experience working on critical infrastructure in a regulated environment Technical Skills: Strong proficiency in network, application penetration testing Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Experience with using ServiceNow. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP) General knowledge of cryptography (symmetric and asymmetric encryption, digital signatures, message digests, certificates, PKI, SSL/TLS, etc.) Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments Knowledge of Secure DevOps concepts Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline Exposure to security architecture design through application development or knowledge of security concepts/best practices Previous work in development, architecture or quality assurance testing may be applicable to the position requirements. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
26/02/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Candidate would perform Network/Application and Web Application penetration testing. Also create custom scripts and perform automation while also perform security assessments on both Legacy on-prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Responsibilities : Application Security Testing Perform application penetration testing as part of a team. Perform retests of vulnerabilities to verify previous findings have been remediated. Review reports of the testing and conduct security risk assessment of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Setup Command & Control C2 Infrastructure. Understand vulnerabilities and develop relevant payloads for use during pen testing activities. Perform independent reviews of the applications. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts to integrate Security tools into the pipeline and assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Perform other duties as assigned. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing and more. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Nice to have - Experience working on critical infrastructure in a regulated environment Technical Skills: Strong proficiency in network, application penetration testing Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Experience with using ServiceNow. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP) General knowledge of cryptography (symmetric and asymmetric encryption, digital signatures, message digests, certificates, PKI, SSL/TLS, etc.) Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments Knowledge of Secure DevOps concepts Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline Exposure to security architecture design through application development or knowledge of security concepts/best practices Previous work in development, architecture or quality assurance testing may be applicable to the position requirements. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Application Security Engineer. This role is focused on applications penetration testing, web application testing, risk assessments of vulnerabilities, C2 Infrastructure, Network testing, etc. Responsibilities: Application Security Testing Perform application penetration testing as part of a team. Perform retests of vulnerabilities to verify previous findings have been remediated. Review reports of the testing and conduct security risk assessment of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Setup Command & Control C2 Infrastructure. Understand vulnerabilities and develop relevant payloads for use during pen testing activities. Perform independent reviews of company applications. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in company testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts to integrate Security tools into the pipeline and assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline Exposure to security architecture design through application development or knowledge of security concepts/best practices Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing and more. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP)
26/02/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Application Security Engineer. This role is focused on applications penetration testing, web application testing, risk assessments of vulnerabilities, C2 Infrastructure, Network testing, etc. Responsibilities: Application Security Testing Perform application penetration testing as part of a team. Perform retests of vulnerabilities to verify previous findings have been remediated. Review reports of the testing and conduct security risk assessment of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Setup Command & Control C2 Infrastructure. Understand vulnerabilities and develop relevant payloads for use during pen testing activities. Perform independent reviews of company applications. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in company testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts to integrate Security tools into the pipeline and assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline Exposure to security architecture design through application development or knowledge of security concepts/best practices Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing and more. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP)
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Application Security Engineer. This role is focused on applications penetration testing, web application testing, risk assessments of vulnerabilities, C2 Infrastructure, Network testing, etc. Responsibilities: Application Security Testing Perform application penetration testing as part of a team. Perform retests of vulnerabilities to verify previous findings have been remediated. Review reports of the testing and conduct security risk assessment of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Setup Command & Control C2 Infrastructure. Understand vulnerabilities and develop relevant payloads for use during pen testing activities. Perform independent reviews of company applications. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in company testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts to integrate Security tools into the pipeline and assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline Exposure to security architecture design through application development or knowledge of security concepts/best practices Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing and more. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP)
26/02/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Application Security Engineer. This role is focused on applications penetration testing, web application testing, risk assessments of vulnerabilities, C2 Infrastructure, Network testing, etc. Responsibilities: Application Security Testing Perform application penetration testing as part of a team. Perform retests of vulnerabilities to verify previous findings have been remediated. Review reports of the testing and conduct security risk assessment of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Setup Command & Control C2 Infrastructure. Understand vulnerabilities and develop relevant payloads for use during pen testing activities. Perform independent reviews of company applications. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in company testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts to integrate Security tools into the pipeline and assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline Exposure to security architecture design through application development or knowledge of security concepts/best practices Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing and more. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP)
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Candidate would perform Network/Application and Web Application penetration testing. Also create custom scripts and perform automation while also perform security assessments on both Legacy on-prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Responsibilities : Application Security Testing Perform application penetration testing as part of a team. Perform retests of vulnerabilities to verify previous findings have been remediated. Review reports of the testing and conduct security risk assessment of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Setup Command & Control C2 Infrastructure. Understand vulnerabilities and develop relevant payloads for use during pen testing activities. Perform independent reviews of the applications. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts to integrate Security tools into the pipeline and assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Perform other duties as assigned. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing and more. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Nice to have - Experience working on critical infrastructure in a regulated environment Technical Skills: Strong proficiency in network, application penetration testing Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Experience with using ServiceNow. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP) General knowledge of cryptography (symmetric and asymmetric encryption, digital signatures, message digests, certificates, PKI, SSL/TLS, etc.) Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments Knowledge of Secure DevOps concepts Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline Exposure to security architecture design through application development or knowledge of security concepts/best practices Previous work in development, architecture or quality assurance testing may be applicable to the position requirements. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
26/02/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Candidate would perform Network/Application and Web Application penetration testing. Also create custom scripts and perform automation while also perform security assessments on both Legacy on-prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Responsibilities : Application Security Testing Perform application penetration testing as part of a team. Perform retests of vulnerabilities to verify previous findings have been remediated. Review reports of the testing and conduct security risk assessment of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct code scans using automated tools and risk rate the vulnerabilities according to the organization risk profile and mitigating controls. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Setup Command & Control C2 Infrastructure. Understand vulnerabilities and develop relevant payloads for use during pen testing activities. Perform independent reviews of the applications. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts to integrate Security tools into the pipeline and assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Perform other duties as assigned. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing and more. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Nice to have - Experience working on critical infrastructure in a regulated environment Technical Skills: Strong proficiency in network, application penetration testing Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Experience with using ServiceNow. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.) Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP) General knowledge of cryptography (symmetric and asymmetric encryption, digital signatures, message digests, certificates, PKI, SSL/TLS, etc.) Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments Knowledge of Secure DevOps concepts Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 3+ Years' experience penetration testing. 5+ Years' experience in Information Assurance or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline Exposure to security architecture design through application development or knowledge of security concepts/best practices Previous work in development, architecture or quality assurance testing may be applicable to the position requirements. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
Job Title: Velocloud Architect Job Description A Product Architect is required to work on the entire Network Product catalogue, particularly focusing on VMware Velocloud SDWAN and VMware SASE technology. You will collaborate with both sales and technical teams to customise off-the-shelf technologies for end customers. Responsibilities Collaborate with sales and technical teams to tailor off-the-shelf technologies for end customers. Work on the entire Network Product catalogue, focusing on VMware Velocloud SDWAN and VMware SASE technology. Manage product roadmaps and product management activities. Engage in business analysis and project management tasks. Operate within an Agile environment. Essential Skills Experience in product management. Proficiency in managing product roadmaps. Expertise in VMware technologies, specifically VMware Velocloud SDWAN and VMware SASE. Strong business analysis skills. Project management capabilities. Knowledge of Agile methodologies. Additional Skills & Qualifications Good stakeholder management skills. Why Work Here? This role offers a long-term contract with a prestigious blue chip client, providing an excellent opportunity to work remotely while contributing to a leading-edge technology environment. Job Type & Location This is a Contract position based out of Newbury, United Kingdom. Location Newbury, UK Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
25/02/2025
Project-based
Job Title: Velocloud Architect Job Description A Product Architect is required to work on the entire Network Product catalogue, particularly focusing on VMware Velocloud SDWAN and VMware SASE technology. You will collaborate with both sales and technical teams to customise off-the-shelf technologies for end customers. Responsibilities Collaborate with sales and technical teams to tailor off-the-shelf technologies for end customers. Work on the entire Network Product catalogue, focusing on VMware Velocloud SDWAN and VMware SASE technology. Manage product roadmaps and product management activities. Engage in business analysis and project management tasks. Operate within an Agile environment. Essential Skills Experience in product management. Proficiency in managing product roadmaps. Expertise in VMware technologies, specifically VMware Velocloud SDWAN and VMware SASE. Strong business analysis skills. Project management capabilities. Knowledge of Agile methodologies. Additional Skills & Qualifications Good stakeholder management skills. Why Work Here? This role offers a long-term contract with a prestigious blue chip client, providing an excellent opportunity to work remotely while contributing to a leading-edge technology environment. Job Type & Location This is a Contract position based out of Newbury, United Kingdom. Location Newbury, UK Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Cloud Infrastructure Architect Location: Hybrid - 2 Days onsite - Zurich Duration: 12 months Day Rate: 750 - 900 CHF Per Day Role Summary: One of our consultancy clients is looking for a Cloud Infrastructure Architect to join a project of theirs ASAP. As a Cloud Infrastructure Engineer, you will be responsible for designing, implementing, and managing the cloud infrastructure. You will work closely with the development and operations teams to ensure the scalability, reliability, and security of our cloud-based systems. Key Skills: Must be based in Switzerland Fluent in English - Fluent in German beneficial Proven experience with cloud platforms such as AWS, Azure, or Google Cloud Platform. Strong knowledge of cloud infrastructure, networking, and security. Experience with infrastructure-as-code tools like Terraform or CloudFormation. Proficiency in Scripting languages such as Python, Bash, or PowerShell. Excellent problem-solving skills and attention to detail. Strong communication and collaboration skills. Familiarity with CI/CD pipelines and DevOps practices. Responsibilities Design and implement cloud infrastructure solutions using AWS, Azure, or Google Cloud Platform. Manage and optimize cloud resources to ensure high availability and performance. Automate deployment, monitoring, and management processes. Collaborate with development teams to integrate cloud services into applications. Ensure security best practices are followed and implemented. Troubleshoot and resolve issues related to cloud infrastructure. Stay up-to-date with the latest cloud technologies and trends. Cloud Infrastructure Architect Standort : Hybrid - 2 Tage vor Ort - Zürich Dauer : 12 Monate Tagessatz : 750 - 900 CHF pro Tag Rollenübersicht: Einer unserer Beratungskunden sucht so schnell wie möglich einen Cloud Infrastructure Architect für ein Projekt von ihm. Als Cloud Infrastructure Engineer sind Sie für die Entwicklung, Implementierung und Verwaltung der Cloud-Infrastruktur verantwortlich. Sie arbeiten eng mit den Entwicklungs- und Betriebsteams zusammen, um die Skalierbarkeit, Zuverlässigkeit und Sicherheit unserer Cloud-basierten Systeme sicherzustellen. Schlüsselqualifikationen : Sie müssen in der Schweiz ansässig sein Fließende Englischkenntnisse - fließende Deutschkenntnisse von Vorteil Nachgewiesene Erfahrung mit Cloud-Plattformen wie AWS, Azure oder Google Cloud Platform. Umfassende Kenntnisse in Cloud-Infrastruktur, Netzwerken und Sicherheit. Erfahrung mit Infrastructure-as-Code-Tools wie Terraform oder CloudFormation. Kenntnisse in Skriptsprachen wie Python, Bash oder PowerShell. Hervorragende Problemlösungsfähigkeiten und Liebe zum Detail. Ausgeprägte Kommunikations- und Zusammenarbeitsfähigkeiten. Vertrautheit mit CI/CD-Pipelines und DevOps-Praktiken. Verantwortlichkeiten Entwerfen und implementieren Sie Cloud-Infrastrukturlösungen mit AWS, Azure oder Google Cloud Platform. Verwalten und optimieren Sie Cloud-Ressourcen, um hohe Verfügbarkeit und Leistung sicherzustellen. Automatisieren Sie Bereitstellungs-, Überwachungs- und Verwaltungsprozesse. Arbeiten Sie mit Entwicklungsteams zusammen, um Cloud-Dienste in Anwendungen zu integrieren. Stellen Sie sicher, DASS bewährte Sicherheitspraktiken befolgt und implementiert werden. Beheben und lösen Sie Probleme im Zusammenhang mit der Cloud-Infrastruktur. Bleiben Sie über die neuesten Cloud-Technologien und -Trends auf dem Laufenden.
25/02/2025
Project-based
Cloud Infrastructure Architect Location: Hybrid - 2 Days onsite - Zurich Duration: 12 months Day Rate: 750 - 900 CHF Per Day Role Summary: One of our consultancy clients is looking for a Cloud Infrastructure Architect to join a project of theirs ASAP. As a Cloud Infrastructure Engineer, you will be responsible for designing, implementing, and managing the cloud infrastructure. You will work closely with the development and operations teams to ensure the scalability, reliability, and security of our cloud-based systems. Key Skills: Must be based in Switzerland Fluent in English - Fluent in German beneficial Proven experience with cloud platforms such as AWS, Azure, or Google Cloud Platform. Strong knowledge of cloud infrastructure, networking, and security. Experience with infrastructure-as-code tools like Terraform or CloudFormation. Proficiency in Scripting languages such as Python, Bash, or PowerShell. Excellent problem-solving skills and attention to detail. Strong communication and collaboration skills. Familiarity with CI/CD pipelines and DevOps practices. Responsibilities Design and implement cloud infrastructure solutions using AWS, Azure, or Google Cloud Platform. Manage and optimize cloud resources to ensure high availability and performance. Automate deployment, monitoring, and management processes. Collaborate with development teams to integrate cloud services into applications. Ensure security best practices are followed and implemented. Troubleshoot and resolve issues related to cloud infrastructure. Stay up-to-date with the latest cloud technologies and trends. Cloud Infrastructure Architect Standort : Hybrid - 2 Tage vor Ort - Zürich Dauer : 12 Monate Tagessatz : 750 - 900 CHF pro Tag Rollenübersicht: Einer unserer Beratungskunden sucht so schnell wie möglich einen Cloud Infrastructure Architect für ein Projekt von ihm. Als Cloud Infrastructure Engineer sind Sie für die Entwicklung, Implementierung und Verwaltung der Cloud-Infrastruktur verantwortlich. Sie arbeiten eng mit den Entwicklungs- und Betriebsteams zusammen, um die Skalierbarkeit, Zuverlässigkeit und Sicherheit unserer Cloud-basierten Systeme sicherzustellen. Schlüsselqualifikationen : Sie müssen in der Schweiz ansässig sein Fließende Englischkenntnisse - fließende Deutschkenntnisse von Vorteil Nachgewiesene Erfahrung mit Cloud-Plattformen wie AWS, Azure oder Google Cloud Platform. Umfassende Kenntnisse in Cloud-Infrastruktur, Netzwerken und Sicherheit. Erfahrung mit Infrastructure-as-Code-Tools wie Terraform oder CloudFormation. Kenntnisse in Skriptsprachen wie Python, Bash oder PowerShell. Hervorragende Problemlösungsfähigkeiten und Liebe zum Detail. Ausgeprägte Kommunikations- und Zusammenarbeitsfähigkeiten. Vertrautheit mit CI/CD-Pipelines und DevOps-Praktiken. Verantwortlichkeiten Entwerfen und implementieren Sie Cloud-Infrastrukturlösungen mit AWS, Azure oder Google Cloud Platform. Verwalten und optimieren Sie Cloud-Ressourcen, um hohe Verfügbarkeit und Leistung sicherzustellen. Automatisieren Sie Bereitstellungs-, Überwachungs- und Verwaltungsprozesse. Arbeiten Sie mit Entwicklungsteams zusammen, um Cloud-Dienste in Anwendungen zu integrieren. Stellen Sie sicher, DASS bewährte Sicherheitspraktiken befolgt und implementiert werden. Beheben und lösen Sie Probleme im Zusammenhang mit der Cloud-Infrastruktur. Bleiben Sie über die neuesten Cloud-Technologien und -Trends auf dem Laufenden.
Outsystems CoE Lead My client has a requirement for a CoE lead who can drive their Centre of excellence in Outsystems. S/He will have to work with the Outsystems Development team and Client senior management to ensure they deliver the best Outsystems quality projects keeping clients organization goals/roadmap in place. 1)Architecture and Quality of all ongoing development projects . Ensure designing designing applications that are scalable, secure, and maintainable. By establishing architectural best practices and governance frameworks, the CoE ensures that all solutions adhere to high-quality standards. Key responsibilities include: Defining application architecture patterns and standards. Enforcing compliance with security, scalability, and performance guidelines. Conducting code reviews to maintain technical excellence. Utilizing tools like OutSystems Lifetime for monitoring and auditing. 2)Ensure Code Reusability Reusability is at the heart of efficient low-code development. This pillar emphasizes creating shared components, libraries, and templates that developers can leverage across projects, reducing redundancy and accelerating delivery. Key responsibilities include: Building a repository of reusable modules, widgets, and connectors. Promoting standardization in UI/UX and Back End processes. Enabling teams to adopt reusable components through documentation and training. Fostering collaboration between teams to share best practices and innovations. 3)Release Management: Establish a process of release management, planning releases, talking to multiple development teams and Product owners and come up with release plan to ensure all stages of environment are not impacted, none of the development team is getting impacted by the release. To ensure no last minute glitches, hindrances, better planning would be required. This foundation ensures smooth, efficient, and reliable application releases while managing the underlying platform's performance and scalability. It emphasizes operational excellence and continuous delivery. Key responsibilities include: Managing CI/CD pipelines for automated deployments. Overseeing environment management (development, staging, production). Monitoring platform health, performance, and usage metrics. Defining processes for version control, rollback, and disaster recovery. By establishing a robust Center of Excellence, organizations can: Enhance Quality: Through architecture governance and reusable components. Accelerate Development: By leveraging reusable code and streamlining release processes. Ensure Scalability: With platform operations optimized for performance. Promote Innovation: By enabling teams to focus on solving business challenges rather than reinventing the wheel. Align Business and IT: Through standardized processes and strategic oversight. 4)Platform Operations - To manage, govern, and enable the efficient use of the OutSystems platform across the organization. By defining processes, enforcing standards, and driving technical excellence, the CoE ensures that teams deliver scalable, secure, and high-quality applications in alignment with business needs. This CoE Lead should provide expertise, tools, and methodologies to accelerate delivery while mitigating risks, enabling organizations to achieve both short-term results and long-term digital transformation goals. 5)To Strengthen the CoE Maintaining the technical quality of OutSystems applications-especially across multiple suppliers and distributed teams-can be challenging. Ensuring scalability, reusability, and adherence to best practices
25/02/2025
Project-based
Outsystems CoE Lead My client has a requirement for a CoE lead who can drive their Centre of excellence in Outsystems. S/He will have to work with the Outsystems Development team and Client senior management to ensure they deliver the best Outsystems quality projects keeping clients organization goals/roadmap in place. 1)Architecture and Quality of all ongoing development projects . Ensure designing designing applications that are scalable, secure, and maintainable. By establishing architectural best practices and governance frameworks, the CoE ensures that all solutions adhere to high-quality standards. Key responsibilities include: Defining application architecture patterns and standards. Enforcing compliance with security, scalability, and performance guidelines. Conducting code reviews to maintain technical excellence. Utilizing tools like OutSystems Lifetime for monitoring and auditing. 2)Ensure Code Reusability Reusability is at the heart of efficient low-code development. This pillar emphasizes creating shared components, libraries, and templates that developers can leverage across projects, reducing redundancy and accelerating delivery. Key responsibilities include: Building a repository of reusable modules, widgets, and connectors. Promoting standardization in UI/UX and Back End processes. Enabling teams to adopt reusable components through documentation and training. Fostering collaboration between teams to share best practices and innovations. 3)Release Management: Establish a process of release management, planning releases, talking to multiple development teams and Product owners and come up with release plan to ensure all stages of environment are not impacted, none of the development team is getting impacted by the release. To ensure no last minute glitches, hindrances, better planning would be required. This foundation ensures smooth, efficient, and reliable application releases while managing the underlying platform's performance and scalability. It emphasizes operational excellence and continuous delivery. Key responsibilities include: Managing CI/CD pipelines for automated deployments. Overseeing environment management (development, staging, production). Monitoring platform health, performance, and usage metrics. Defining processes for version control, rollback, and disaster recovery. By establishing a robust Center of Excellence, organizations can: Enhance Quality: Through architecture governance and reusable components. Accelerate Development: By leveraging reusable code and streamlining release processes. Ensure Scalability: With platform operations optimized for performance. Promote Innovation: By enabling teams to focus on solving business challenges rather than reinventing the wheel. Align Business and IT: Through standardized processes and strategic oversight. 4)Platform Operations - To manage, govern, and enable the efficient use of the OutSystems platform across the organization. By defining processes, enforcing standards, and driving technical excellence, the CoE ensures that teams deliver scalable, secure, and high-quality applications in alignment with business needs. This CoE Lead should provide expertise, tools, and methodologies to accelerate delivery while mitigating risks, enabling organizations to achieve both short-term results and long-term digital transformation goals. 5)To Strengthen the CoE Maintaining the technical quality of OutSystems applications-especially across multiple suppliers and distributed teams-can be challenging. Ensuring scalability, reusability, and adherence to best practices
Database SME Daily Rate Contract Dublin (Hybrid) A Financial Services client in Dublin is looking to bring in an experienced DBA/Database Consultant with strong experience working in cloud environments. This client is happy for candidates to work remotely with occasional travel to Dublin. Required Skills & Qualifications: Proven experience as a Cloud Database Administrator, with strong expertise in managing Oracle databases (PL/SQL)/SQL Experience with DDL/DML change management tools like TOAD, Redgate Flyway, Liquibase etc. Strong proficiency in PL/SQL for database development and optimization. Solid experience with Python Scripting for automation, performance monitoring, and database maintenance. Experience with cloud database platforms such as AWS or Azure SQL. Knowledge of database backup, recovery, and disaster recovery strategies in cloud environments. Experience in database performance tuning and troubleshooting. Familiarity with cloud infrastructure and deployment tools (eg, Terraform, Kubernetes). Understanding of database security best practices and compliance requirements. Excellent problem-solving skills and the ability to work independently and as part of a team. Strong communication skills, with the ability to liaise with both technical and non-technical stakeholders. Preferred Skills: Experience with other database systems (eg, MongoDB, PostgreSQL). Familiarity with containerization and microservices architecture. Experience with DevOps tools and practices such as Ansible/Bitbucket
25/02/2025
Project-based
Database SME Daily Rate Contract Dublin (Hybrid) A Financial Services client in Dublin is looking to bring in an experienced DBA/Database Consultant with strong experience working in cloud environments. This client is happy for candidates to work remotely with occasional travel to Dublin. Required Skills & Qualifications: Proven experience as a Cloud Database Administrator, with strong expertise in managing Oracle databases (PL/SQL)/SQL Experience with DDL/DML change management tools like TOAD, Redgate Flyway, Liquibase etc. Strong proficiency in PL/SQL for database development and optimization. Solid experience with Python Scripting for automation, performance monitoring, and database maintenance. Experience with cloud database platforms such as AWS or Azure SQL. Knowledge of database backup, recovery, and disaster recovery strategies in cloud environments. Experience in database performance tuning and troubleshooting. Familiarity with cloud infrastructure and deployment tools (eg, Terraform, Kubernetes). Understanding of database security best practices and compliance requirements. Excellent problem-solving skills and the ability to work independently and as part of a team. Strong communication skills, with the ability to liaise with both technical and non-technical stakeholders. Preferred Skills: Experience with other database systems (eg, MongoDB, PostgreSQL). Familiarity with containerization and microservices architecture. Experience with DevOps tools and practices such as Ansible/Bitbucket
PostgreSQL DBA Location - Manchester Hybrid Duration - 4-6 months Inside iR35 We are heading up a recruitment drive for a global consultancy that require a PostgreSQL DBA to join them on a major banking project that's based in Manchester. Primary Skills 1. Must have hands on experience as Database Administration specifically with MongoDB, PostgreSQL/Oracle. 2. Working with database software to find ways to store, organise and manage data 3. Expert knowledge of RDBMS and NoSQL data stores and working with a variety of structures including JSON and XML 4. Experience of software development with distributed data processing technologies including Oracle, MongoDB, PostgreSQL 5. Experience in keeping databases up to date, troubleshooting, helping with database design & development, and managing database access. 6. Experience in designing maintenance procedures and putting them into operation. 7. Liaising with programmers, applications/operational staff, IT project managers and other technical staff 8. Managing database security/integrity and backup procedures, implementing security measures. Secondary Skills 1. Writing reports, documentation, and operating manuals 2. Testing and modifying databases to ensure that they operate reliably 3. Writing disaster recovery plans and archiving/housekeeping data. 4. Knowledge of Cloud platforms, serverless architecture preferable 5. Good understanding of software patterns and when/how to apply them 6. Knowledge of Kafka will be advantageous 7. Experience of working in an Agile/DevOps software development environment 8. Have ability to help with mentoring tasks. 9. Have experience in working on Support activities. DBA - PostgreSQL, Mongo DB, MySQL
24/02/2025
Project-based
PostgreSQL DBA Location - Manchester Hybrid Duration - 4-6 months Inside iR35 We are heading up a recruitment drive for a global consultancy that require a PostgreSQL DBA to join them on a major banking project that's based in Manchester. Primary Skills 1. Must have hands on experience as Database Administration specifically with MongoDB, PostgreSQL/Oracle. 2. Working with database software to find ways to store, organise and manage data 3. Expert knowledge of RDBMS and NoSQL data stores and working with a variety of structures including JSON and XML 4. Experience of software development with distributed data processing technologies including Oracle, MongoDB, PostgreSQL 5. Experience in keeping databases up to date, troubleshooting, helping with database design & development, and managing database access. 6. Experience in designing maintenance procedures and putting them into operation. 7. Liaising with programmers, applications/operational staff, IT project managers and other technical staff 8. Managing database security/integrity and backup procedures, implementing security measures. Secondary Skills 1. Writing reports, documentation, and operating manuals 2. Testing and modifying databases to ensure that they operate reliably 3. Writing disaster recovery plans and archiving/housekeeping data. 4. Knowledge of Cloud platforms, serverless architecture preferable 5. Good understanding of software patterns and when/how to apply them 6. Knowledge of Kafka will be advantageous 7. Experience of working in an Agile/DevOps software development environment 8. Have ability to help with mentoring tasks. 9. Have experience in working on Support activities. DBA - PostgreSQL, Mongo DB, MySQL
Level 3 Engineer Portishead UK (5 days onsite/week) £40k - £50k pa Io Associates is looking for L3 Engineer for a Technology Solutions Provider (TSP) based in Portishead , specialising in managed IT services, cloud solutions, cybersecurity, and infrastructure management . The company cater to diverse needs such as network architecture, endpoint management, cloud migration, and implementing robust security frameworks whilst emphasizing risk management, compliance, and innovation to optimize IT ecosystems for businesses of all sizes, ensuring scalability, security, and efficiency. They are looking for an L3 Engineer to join our Service Desk team , providing expert technical support and leading IT projects to improve client systems. This role requires a strong background in network administration, cloud technologies, cybersecurity, and server management Key Responsibilities: In this role, You will Provide IT support to clients, ensuring efficient resolution of technical issues. Design, implement, and manage IT infrastructure, including Servers, networks, and cloud environments. Lead IT projects , ensuring timely and effective delivery. Manage and maintain security protocols , protecting against cyber threats. Monitor and troubleshoot network performance , implementing improvements where necessary. Ensure data backup, disaster recovery, and business continuity solutions are in place. Advise clients on IT best practices and emerging technologies to enhance their business operations. Technical Skills & Expertise: Server Administration: Windows Server () Cloud Platforms: Azure, AWS (Deployments & Management) Networking: VLANs, Switch Stacks, LAN/WAN troubleshooting (Wireshark, iPerf) Security: Firewall rules, policies, DMZ configuration, cybersecurity best practices Microsoft Technologies: Active Directory, Entra, DNS/DHCP, Microsoft Exchange, Office 365 Virtualisation: VMware, Hyper-V Backup & Disaster Recovery Solutions Desirable Certifications: Microsoft Certified Professional (MCP), MCSA CCNA, VMware, Hyper-V Cloud Certifications (Azure/AWS) Firewall & Network Accreditations (Fortinet, Cisco, SonicWall, Ruckus) If you are interested to work for a company where innovation, security, and excellence drive our services, Apply Now! Please send your CV/coversheet
19/02/2025
Full time
Level 3 Engineer Portishead UK (5 days onsite/week) £40k - £50k pa Io Associates is looking for L3 Engineer for a Technology Solutions Provider (TSP) based in Portishead , specialising in managed IT services, cloud solutions, cybersecurity, and infrastructure management . The company cater to diverse needs such as network architecture, endpoint management, cloud migration, and implementing robust security frameworks whilst emphasizing risk management, compliance, and innovation to optimize IT ecosystems for businesses of all sizes, ensuring scalability, security, and efficiency. They are looking for an L3 Engineer to join our Service Desk team , providing expert technical support and leading IT projects to improve client systems. This role requires a strong background in network administration, cloud technologies, cybersecurity, and server management Key Responsibilities: In this role, You will Provide IT support to clients, ensuring efficient resolution of technical issues. Design, implement, and manage IT infrastructure, including Servers, networks, and cloud environments. Lead IT projects , ensuring timely and effective delivery. Manage and maintain security protocols , protecting against cyber threats. Monitor and troubleshoot network performance , implementing improvements where necessary. Ensure data backup, disaster recovery, and business continuity solutions are in place. Advise clients on IT best practices and emerging technologies to enhance their business operations. Technical Skills & Expertise: Server Administration: Windows Server () Cloud Platforms: Azure, AWS (Deployments & Management) Networking: VLANs, Switch Stacks, LAN/WAN troubleshooting (Wireshark, iPerf) Security: Firewall rules, policies, DMZ configuration, cybersecurity best practices Microsoft Technologies: Active Directory, Entra, DNS/DHCP, Microsoft Exchange, Office 365 Virtualisation: VMware, Hyper-V Backup & Disaster Recovery Solutions Desirable Certifications: Microsoft Certified Professional (MCP), MCSA CCNA, VMware, Hyper-V Cloud Certifications (Azure/AWS) Firewall & Network Accreditations (Fortinet, Cisco, SonicWall, Ruckus) If you are interested to work for a company where innovation, security, and excellence drive our services, Apply Now! Please send your CV/coversheet